Need help making a simple script w/ mysql

EQtitan

Here's the basic idea:

Plan: code.html

Some alphanumeric data will be entered into the input with a maxlength of 10 characters.

code.html

<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<title>Donate your DewU codes</title>
<style type="text/css">

</style>
</head>

<body>

<form method="post" action="do_authtest.php">

<p class="style2">
<strong>DewU Code:</strong></p>
<span class="style2">

</span>
<p><input type="text" name="dew_code" length="10" maxlength="10"></p>

<p><input type="submit" name="submit" value="Enter Code"></p>

</body>
</html>

Plan: do_auth.php

Check to see if any data was entered at all, if no data was entered show code.html again. If data was entered take data using the $_POST variable. Open a database connection. Look to see if the code has already been entered into the database, if it has not then enter it. If the code has already been entered <? echo "This code has already been entered!" ?>.

do_auth.php This Is what I have so far (Am I heading in the right direction?)

<?
/* Check to see if data was submitted */
$chk_code = $_POST[dew_code]
if ($chk_code == '') {
	header("Location: [url]http://127.0.0.1/code.html[/url]");
	exit;
}
/* Create a variable to hold database */
$db_name = "codeDB";
/* Create a variable to hold table within db */
$table_name = "code";
/* Connect  to db */
$connect = mysql_connect("localhost", "root", "qwerty") or die(mysql_error());
/* Look at all codes within code table */
$db = mysql_select_db($db_name, $connect) or die(mysql_error());
/* Try to find a duplicate */
$sql = "SELECT * FROM $table_name WHERE code = '$_POST[$chk_code]'";
/* Variable to hold the results in */
$result = mysql_query($sql,$connection) or die(mysql_error());
/* If a result is found make it = $num */
$num = mysql_num_rows($result);
if ($num != 0) {
	$msg = "<p>I already have this code on file please try again</p>";
} else {
	$sql = "INSERT INTO $table_name (dew_code) VALUES ('$_POST[dew_code]'");
		$msg = "Code ($dew_code) has been added to $table_name";
}
?>

<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<title>Do Auth</title>
<style type="text/css">
<!--
body,td,th {
	color: #FFFFFF;
}
body {
	background-color: #000000;
}
-->
</style></head>

<body>

<? echo = "$msg"; ?>

</body>
</html>

leatherback

Hi,

Yes, and no ;-)

-> Your redirect:

header("Location: <a href="http://127.0.0.1/code.html" target="_blank">http://127.0.0.1/code.html</a>");

should be:

header("Location: http://127.0.0.1/code.html");

-> you do not need the exit after the redirect, since the page will not be loaded any further

-> Your database query:

$sql = "SELECT * FROM $table_name WHERE ColumToSearchForCode = $chk_code";

EQtitan

OK, I updated my first post to reflect some changes to the do_auth.php.

The <a href=""></a> in my header tag is being added by the bbcode when I submit the post.

In the WHERE section of my code does that have to be WHERE code = '$POST[dew_code]' or code = '$POST[$chk_code]' or does it not really matter.

bubblenut

Originally posted by leatherback
Hi,
-> you do not need the exit after the redirect, since the page will not be loaded any further

Not strictly true, the header command just set's info to the http header. everything else is still run but the user doesn't see this because he is redirected as soon as the http message starts on the body. The script does continue to run on the server though. Try the following as a little experiment.

<?php
$fp=fopen('./afile.dat','w+');
for($i=0;$i<10;$i++) {
  fwrite($fp, "$i\n");
}
header('Location: [url]http://www.google.com[/url]');
for(;$i<20;$i++) {
  fwrite($fp, "$i\n");
}
echo('blah'); //Start the http body
for(;$i<30;$i++) {
  fwrite($fp, "$i\n");
}
?>

Usually the only issue is that you have code being run unnecessarily on your server. However consider the following.

if($condition==true) {
  header('Location: page1.php');
}
header('Location: page2.php');

Where would you be redirected to if $condition where true? The answer is, you'd still be redirected to page2.php because that will be the last Location header that the browser sees.
I only found all this out last week to be honest (doing some load balancing stuff accross our servers).

HTH
Bubble
[edit]Typos[/edit]

laserlight

Slight correction to bubblenut's example:

header('Location: http://www.google.com');

Also, there should be an fclose($fp); at least for completeness' sake.

I didnt notice it when testing it out.

I actually predicted (incorrectly) that the final writing to file should not be done as headers would be sent.

EQtitan

Not really sure how, this topic went off course but can we please get back to the topic at hand as the off topic conversation isn't helping me any.

BTW :: the <a href> tags are being added when you post not by the person posting them.

bubblenut

Sorry, my fault :o

if ($chk_code == ") {
    header("Location: <a href="http://127.0.0.1/code.html" target="_blank">[url]http://127.0.0.1/code.html[/url]</a>");
}

You're missing a closing double quote in the condition here.
Also, are you getting any errors? In what way is the script not working?

EQtitan

if ($chk_code == ") { 
    header("Location: http://127.0.0.1/code.html");
    exit;
}

Looks right to me...? What do you mean?

laserlight

$chk_code == "

should be
$chk_code == ""
or
$chk_code == ''

EQtitan

Ok, sorry the book I've been reading doesn't say anything about that "" or '' or looks like 1 set of quotation marks. Thanks for the clarification.

I tried the '' and "" and it doesn't work when I use it that way on " ????

So, as it stand does that code look right.